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DETAILED ACTION 

1 . This action is responsive to communication: filed on 21 July 2005 with an original 
application filed 15 May 2001, with acknowledgement of foreign application date of 

16 May 2000., 

2. Claims 1-29 are currently pending in this application. Claims 1, 22, 23, and 24 are 
independent'claims. 

Response to Arguments 

3. Applicant's arguments with respect to claims 1-29 have been considered but they are not 
persuasive. 

In response to applicant's argument on page 2, "the Examiner has not provided disclosure 
in Glass et al. as to where a user identifier is included in a transaction request message ... The 
photo image or associated code are not user identifiers as claimed". The Office disagrees with 
argument, the token, which is, included within the transaction request message servers as a user 
identifier because it identifies the transaction in which contains the user identity. See ( 193 col. 3, 
lines 60-67; this section explains how the token is provided to the camera or other sensor before 
the transaction request message. 

In response to applicant's argument beginning on page 2, "In the Examiner's scenario, in 
Glass et al., the camera image sent to the network would be from an "end terminal" rather than 
form (from) an ECSP". The Office disagrees the references should be applied in combination, as 
noted in the below and previous Office Action Musgrave discloses the ECSP transmitting the 
authentication request see '151 col. 5, lines 36-60. This section shows the receiver sends the 
biometric certificate for authentication to a biometric certificate management system (BCMS). 
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In response to applicant's argument on page 3, "in the section of Glass et al. relates to 
authenticating that the photo image has not been tampered with, and not for comparing 
biometrics data as recited in claim 1". The Office disagrees, the references, as a whole should be 
reviewed. In addition the Glass invention is for collecting biometric images not merely photo 
images. It is in the authentication server shown in both references that the biometrics are 
authenticated. See ' 193 col. 10, lines 50-59 and'151 col. 5, lines 36-60. 

In response to applicant's arguments beginning on page 3, "As noted above, the camera 
certification authority of Glass et al. verifies that the image has not been tampered with and is not 
used for comparing biometric data. Further, the secret key used by the camera certification 
authority would not correspond to a user identity as claimed". The Office disagrees with the 
argument relating to comparing biometric data, the references, as a whole should be reviewed. 
In addition the Glass invention is for collecting biometric images not merely photo images. It is 
in the authentication server shown in both references that the biometrics are authenticated. The 
Office disagrees with argument relating to user identity, the token, which is, included within the 
transaction request message servers as a user identifier because it identifies the transaction in 
which contains the user identity. 

In response to applicant's argument on page 4, "This consultation with the camera 
certification authority suggest quite the opposite than that claimed". The Office disagrees with 
applicant's interpretation of the rejection. As stated in the previous Office Action as well as 
below the token is generated from a token generator, which resides in the authentication server. 
The authentication server provides the token which defines a unique transaction to the camera or 
sensor as discussed above as well as in '193 col. 3, lines 60-67. 



Application/Control Number: 09/854,666 
Art Unit: 2134 



Page 4 



Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and the prior 
art are such thai the subject matter as a whole would have been obvious at the time the invention was made to a 
person having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived 
by the manner in which the invention was made. 

5. Claims 1-29 are rejected under 35 U.S.C. 103(a) as being unpatentable over Musgrave et 
al. U.S. Patent No. 6,202,151 (hereinafter ' 151) in further view of Glass et al. U.S. Patent No. 
6,332,193 (hereinafter ' 193). 

As to dependent claim 1, "An identification system comprising: a plurality of end 
terminals" is taught in c 1 5 1 col. 4, lines 23-26 "The disclosed biometric certification system 24 
is shown in FIGS. 3-4. It has a set of input devices, including a biometric input device"; 

"at least one electronic commerce service provider (ECSP) unit for receiving said 
transaction request message via said network" is shown in £ 151 col. 5, lines 36-60 "Referring 
to FIG. 4, after receiving the electronic transaction from the network 42, a receiver 44 decrypts 
the electronic transaction using its private key ... The receiver 44 then sends the biometric 
certificate to a biometric certificate management system (BCMS)"; 

"and returning a reply to said ECSP unit via said network indicating that said 
transaction request message is authenticated if the received biometrics data coincides with 
said mapped biometrics data" is taught in '151 col. 6, lines 5-18 "The classifier 52 then 
generates an authentication decision, which may be logic values corresponding to YES or NO, or 
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TRUE or FALSE, indicating verification of the authenticity of the user sending the electronic 
transaction"; 

the following is not taught in ( 1 5 1 : 

"each of the end terminals transmitting a transaction request message containing 
biometrics data of a user and a user identifier of said user to a communications network" 
however '193 teaches "the biometric data is transferred from one computer over an unsecured 
network to another computer for identification or verification of a user" in col. 3, lines 45-50; 

"and transmitting an authentication request message containing said biometrics 
data and said user identifier to said network" however '193 teaches "the file with code is 
output to a network for transfer to an authentication server system" in col. 3, lines 51-59; 

"and an authentication server having a database for mapping a plurality of 
registered biometrics data to a plurality of corresponding registered user identifiers, the 
authentication server receiving the authentication request message via said network 
comparing the received biometrics data to one of the registered biometrics data which is 
mapped in said database to the user identifier contained in said authentication request 
message" however c 193 shows "The camera certification authority may be a dingle data base 
residing within the authentication server or it may reside in a separate computer" col. 4, 
lines 14-17. 

It would have been obvious to one of ordinary skill in the art at the time of the invention 
to modify the teachings of ' 15 1 a system and method for authenticating electronic transaction 
using biometric certificates to include a means to distribute this biometric data over a network. 
One of ordinary skill in the art would have been motivated to perform such a modification to 



Application/Control Number: 09/854,666 Page 6 

Art Unit: 2134 

prevent attackers from impersonating an identity and increase user flexibility. As indicated by 
' 193 (see col. 2, lines 13 et seq.) "There are several key places where an attacker could perform 
this image substitution . . . Thus, there is a need for a method and device which can transmit 
biometric data while preventing image substitution or tampering". 

As to dependent claim 2, "wherein each of said end terminals is configured to cipher 
the biometrics data so that the biometrics data contained in said transaction request 
message and said authentication request message is the ciphered biometrics data, and 
wherein said authentication server is configured to decipher the ciphered biometrics data 
contained in the received authentication request message" is shown in '151 col. 5, 
l ines 15-36 "The authenticating certificate, being the concatenation of the set 16 of data, 
including the biometric data 20, with the public key and the transaction data, is then processed ... 
The hashed value is then sent to a registration authority (RA) 36 having a biometric certificate 
generator 38". 

As to dependent claim 3, "wherein said ECSP unit includes a conversion table for 
mapping a first plurality of user identifiers to a second plurality of user identifiers, wherein 
said first plurality of user identifiers are used by said plurality of end terminals and said 
second plurality of user identifiers are the user identifiers registered in said database, said 
ECSP unit converting the user identifier contained in the received transaction request 
message to one of the second plurality of user identifiers which is mapped to the received 
user identifier and transmitting said authentication request message containing the 
converted user identifier' 5 is disclosed in '193 col. 4, lines 14-17 "The camera certification 
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authority may be a single database residing within the authentication server or it may reside in a 
separate computer". 

As to dependent claim 4, "wherein each of said end terminals is configured to cipher 
the biometrics data with a secret key generated by a variable secret key generator which 
generates secret keys which vary with time, the generated secret key being agreed-upon 
with said authentication server" is taught in '193 col. 3, lines 60-67 "We further prefer to 
provide a token generator in the authentication server which sends a token to the camera or other 
sensor. That token is applied to the digital file before it is transferred to the authentication 
server. The token defines a unique transaction and couples the biometric data to the transaction 
thus preventing use of the biometric data at a later time or putting a time limit as to when the data 
becomes invalid' 1 . 

As to dependent claim 5, "wherein said variable secret key generator is located at 
said authentication server and wherein each of said end terminals is configured to 
transmit a key request message to said authentication server via said ECSP unit to receive 
said secret key from the secret key generator and ciphering the biometrics data with the 
received secret key before said transaction request message is transmitted" is taught in 
'193 col. 9, lines 15-25 "Referring to FIG. 7 the transaction begins when the client system 1 
requests access to a resource protected by the server computer 10. For example, an individual 
wishes to use his computer 2 to access the money transfer screens that enable him to move 
funds from his bank account to another account. This could be a transfer from his savings 
account to his checking account or a payment of bills by sending funds to the account of one of 
his vendors. The authentication server 10 has a request handler 12 which receives the inquiry. 
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Upon receiving the request the authentication server computer 10 initiates a security transaction 
to ultimately provide access to the protected resource. The server, as part of the transaction, 
generates a unique token or set of unique tokens, one of which is sent back to the client. The 
tokens are created by a token generator 13 and may be generated as a result of a random number 
generator, a random key generator, a unique transaction number, a time stamp, or a combination 
of any or all of the above". 

As to dependent claim 6, "wherein said authentication server comprises a variable 
secret key generator which generates a secret key which varies with time, and a 
description unit for deciphering the received ciphered biometrics data by using the secret 
key generated by said secret key generator" is taught in '193 col. 7, line 33 through col. 8, 
line 13 "If a token scheme is used, the token is generated by the server 10 and communicated to 
the client system 1 just prior to image capture ... the server can set a clock which causes tokens 
to expire after some period of time. In fact, a clock expiration scheme does not need tokens to 
work; as long as the transaction can be timed and there is a finite window of opportunity for the 
client to send an image back to the server, some protection is offered . . . However, a time stamp 
may be included in the algorithm for generating the token, or the token itself may be some 
representation of time . . . Another possible variation of the implementation of the token scheme 
involves generating unique values which function as keys for a digital signature algorithm 
which uses a key or keys. This is slightly different than an implementation in which the token 
generator merely generates unique blocks of data, since the token generator must generate 
unique, but valid, keys. This also offers the ability to use an asymmetric digital signature 
algorithm . . . For an asymmetric algorithm, two tokens or keys are generated. The first key is 
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sent to the camera, and the second or complementary key is kept within the server. The latter 
method provides additional security since one key never leaves the secure server". 

As to dependent claim 7, "wherein each of said end terminals comprises a user 
terminal exclusively owned by said use" is shown in '193 col. 4, lines 6-10 "The secret key 
assures that an attacker with knowledge of the image, token and code generation algorithm 
cannot create a valid code for a substituted or tampered image. The secret key may be a serial 
number or other identification number that is unique to the camera or sensor that collects the 
biometric data. If such a code is used we can provide a separate camera certification authority 
which contains a listing of authorized cameras" 

As to dependent claim 8, "wherein each of said end terminals comprises a sales 
terminal to which a plurality of user's handheld personal units can be connected, wherein 
said sales terminal transparently transmits a transaction request messaged received from 
each of the personal units to said ECSP unit" is disclosed in ( 193 col. 8, lines 22-45 "FIG. 6 
shows how client and server systems would be connected together In FIG. 6 there are several 
client systems la, lb through In. Each client system has a host computer 2 and associated 
imagining system 4 which includes a camera. The client systems can be connected to one of 
many authentication servers systems 10a, 10b through lOn. Theses servers may be associated 
with other computer systems that perform online banking transactions. Other authentication 
servers may be associated with other vendors whose services or products may be purchased over 
the network 9. This network most likely will be the Internet but it could be another public carrier 
such as a telephone system or satellite transmission system. When the selected server receives a 
request for access from on of the clients it sends a query for one of the keys, the public key, to a 
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central Camera Certification Authority 30, which would hold all public keys for all cameras. 
The inquiry contains the serial number reported by the camera. The public key would be used to 
determine whether a particular camera signed the image received by the server using that same 
camera's internal private key" (i.e. "sales terminals" same as "vendor"/ "handheld" same as 
"satellite transmission systems") 

As to dependent claim 9, "wherein said biometrics data of said user is a fingerprint 
of said user" is shown in £ 151 col. 4, lines 30-33 "The biometric input device 26 may include 
visual cameras and/or visual reader to input fingerprints". 

As to dependent claim 10, "wherein said biometrics data of said user is an extracted 
feature of a fingerprint of said user" is disclosed in '151 col. 5, lines 6-11 "a fingerprint may 
be visually scanned to any resolution to obtain key fingerprint aspects which uniquely 
distinguish fingerprints". 

As to independent claim 11, "An identification system comprising: a plurality of end 
terminals" is taught in '151 col. 4, lines 23-26 "The disclosed biometric certification system 24 
is shown in FIGS 3-4. It has a set of input devices"; 

"at least one electronic commerce service provider (ECSP) unit for receiving said 
transaction request message via said network" is shown in '151 col. 5, lines 36-60 "Referring 
to FIG. 4, after receiving the electronic transaction from the network 42, a receiver 44 decrypts 
the electronic transaction using its private key . . . The receiver 44 then sends the biometric 
certificate to a biometric certificate management system (BCMS)"; 

"and retiming a reply to said ECSP unit via said network indicating that a user 
identified by the detected user identifier is authenticated" is taught in ( 151 col. 6, lines 5-18 
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"The classifier 52 then generates an authentication decision, which may be logic values 
corresponding to YES or NO, or TRUE or FALSE, indicating verification of the authenticity of 
the user sending the electronic transaction"; 
the following is not taught in ' 1 5 1 : 

"respectively identified by user identifiers" however '193 teaches "When the selected 
server receives a request for access from on of the clients it sends a query for one of the keys, the 
public key, to a central Camera Certification Authority 30, which would hold all public keys for 
all cameras. The inquiry contain the serial number reported by the camera. The public key 
would be used to determine whether a particular camera signed the image received by the server 
using that same camera's internal private key" in col. 8, lines 33-40; 

"each of the end terminals transmitting a transaction request message containing 
biometrics data of a user and a user identifier of said user to a communications network 55 
however ' 1 93 teaches "the biometric data is transferred from one computer over an unsecured 
network to another computer for identification or verification of a user" in col. 3, lines 45-50; 

"and transmitting an authentication request message containing said biometrics 
data to said network 55 however c 193 teaches "the file with code is output to a network for 
transfer to an authentication server system" in col. 3, lines 51-59; 

"and an authentication server having a database for mapping a plurality of 
registered biometrics data to a plurality of corresponding registered user identifiers, the 
authentication server receiving the authentication request message via said network, 
comparing the received biometrics data to all of the registered biometrics data in said 
database, detecting the user identifier mapped to the biometrics data which coincides with 
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the received biometrics data" however '193 shows "The camera certification authority may be 
a dingle data base residing within the authentication server or it may reside in a separate 
computer" col. 4 5 lines 14-17. 

As to dependent claims 12-19, these claims contain substantially similar subject matter 
as dependent claims 2-19 above and are therefore rejected along similar rationale. 

As to independent claim 20, "An identification method comprising the steps of: a) 
transmitting, from an end terminal a transaction request message containing biometrics 
data of a user to a communications network" is taught in '193 col. 3, lines 51-59; 

"b) receiving at an electronic commerce service provider, said transaction request 
message via said network; c) transmitting, from the electronic commerce service provider, 
an authentication request message containing said biometrics data to said network" is 
shown in '151 col 5, lines 36-60; 

u d) receiving said authentication request message via said network at a user 
authenticator having a database for storing a plurality of registered biometrics data; e) 
determining whether the received biometrics data has corresponding biometrics data in 
said database; is disclosed in '193 col. 4, lines 14-17; 

"and 0 returning a reply from said user authenticator to said electronic commerce 
service provider via said network indicating that said transaction request message is 
authenticated if the received biometrics data coincides with one of the registered biometrics 
data of the database" is disclosed in '151 col. 6, lines 5-18. 

As to dependent claim 21, "wherein the step (a) further comprises ciphering the 
biometrics data and transmitting said transaction request message containing the ciphered 
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biometrics data to said network, and wherein the step (d) further comprises the step of 
deciphering the biometrics data contained in the received authentication request message" 
is shown in £ 15] col. 5, lines 15-36. 

As to independent claim 22, "An identification method comprising the steps of: a) 
transmitting, from an end terminal, a transaction request message containing biometrics 
data of a user and a user identifier of said user to a communications network" is disclosed 
in '193 col. 3, lines 45-50; 

"b) receiving, at an electronic commerce service provider, said transaction request 
message via said network" is taught in '151 col. 5, lines 36-60; 

"c) transmitting, from the electronic commerce service provider, an authentication 
request message containing said biometrics data and said user identifier to said network" is 
shown in '193 col. 3 5 lines 51-59; 

d) receiving said authentication request message at a user authenticator via said 
network, the authenticator having a database in which a plurality of registered biometrics 
data are mapped to a plurality of corresponding registered user identifiers; e) comparing 
the received biometrics data to one of the registered biometrics data which is mapped in 
said database to the user identifier contained in said authentication request message" is 
disclosed in '193 col. 4, lines 14-17; 

"and 0 returning, from the user authenticator, a reply to said electronic commerce 
service provider via said network indicating that said transaction request message is 
authenticated if the received biometrics data coincides with said mapped biometrics data" 
is shown in c 1 5 1 col. 6, lines 5-18. 
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As to dependent claim 23, "wherein the user identifiers stored in said database are 
different from the user identifiers of said end terminals, further comprising converting, at 
said service provider, the user identifier contained in the received transaction request 
message to a second user identifier which is contained in said authentication request 
message as the first-mentioned user identifier" is disclosed in '151 col. 5, line 53 through 
col. 6, line 12. 

As to dependent claim 24, "wherein the step (a) further comprises ciphering the 
biometrics data and transmitting said transaction request message containing the ciphered 
biometrics data to said network, and wherein the step (d) further comprises the step of 
deciphering the biometrics data contained in the received authentication request message" 
is taught in '151 col. 5, lines 15-36 

As to dependent claim 25, "wherein the biometrics data contained in the transaction 
request message is ciphered by using a secret key which varies with time and agrees with 
the secret key with which the ciphered biometrics data is deciphered at said user 
authenticator" is taught in '193 col. 7, line 33 through col. 8, line 13. 

As to independent claim 26, "An identification method comprising the steps of: a) 
transmitting, from an end terminal, a transaction request message containing biometrics 
data of a user to a communications network" is shown in '193 col. 3, lines 45-50; 

"b) receiving, at an electronic commerce service provider, said transaction request 
message via said network" is disclosed in '151 col. 3, lines 40-48; 

u c) transmitting from said service provider, an authentication request message 
containing said biometrics data to said network" is shown in '193 col. 3, lines 51-59; 
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"d) receiving, at a user authenticator having a database in which a plurality of 
registered biometrics data are mapped to a plurality of corresponding registered user 
identifiers, said authentication request message via said network; e) comparing the 
received biometrics data to all of the registered biometrics data in said database to detect 
coincidence; f) detecting the user identifier mapped to the biometrics data which coincides 
with the received biometrics data" is disclosed in '193 col. 4, lines 14-17; 

"and g) returning a reply from the user authenticator to said service provider via 
said network indicating that said user having the detected user identifier is authenticated" 
is taught in '151 col. 6, lines 5-18. 

As to dependent claim 27, "wherein the step (a) further comprises ciphering the 
biometrics data and transmitting said transaction request message containing the ciphered 
biometrics data to said network, and wherein the step (d) further comprises the step of 
deciphering the biometrics data contained in the received authentication request message" 
is shown in '151 col. 5, lines 15-36. 

As to independent claims 28 and 29, these claims contain substantially similar subject 
matter as the above claims and are therefore rejected along similar rationale. 

Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as 
set forth in 37 CFR 1 .136(a). A shortened statutory period for reply to this final action is set to 
expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed 
within TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened 



Application/Control Number: 09/854,666 



Page 16 



Art Unit: 2134 

statutory period will expire on the date the advisory action is mailed, and any extension fee 
pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In 
no event, however, will the statutory period for reply expire later than SIX MONTHS from the 
mailing date of this final action. 

6. Any inquiry concerning this communication or earlier communications from the 

examiner should be directed to Ellen C Tran whose telephone number is 
(571) 272-3842. The examiner can normally be reached from 6:30 am to 3:30 pm. 
If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, 
Gregory A Morse can be reached on (571) 272-3838. The fax phone number for the 
organization where this application or proceeding is assigned is (571) 273-8300. 
Information regarding the status of an application may be obtained from the Patent Application 
Information Retrieval (PAIR) system. Status information for published applications may be 
obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private 
PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 



Ellen Tran 
Patent Examiner 
technology Center 2134 
13 October 2005 
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